Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption

Jinguang Han; Ye Yang; Xinyi Huang; Tsz Hon Yuen; Jiguo Li; Jie Cao

doi:10.1016/j.ins.2016.01.045

Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption

Jinguang Han
, Ye Yang
, Xinyi Huang
, Tsz Hon Yuen
, Jiguo Li
, Jie Cao

Department of Software Systems & Cybersecurity

Research output: Contribution to journal › Article › Research › peer-review

24 Citations (Scopus)

Abstract

In mobile e-commerce systems, users conduct transactions using wireless or Internet-based devices, such as mobile phones and tablets. It is different from traditional e-commerce systems relying on workstations or desktops, which is usually used in a fixed location. Recently, privacy and accountability have become users' primary concerns in mobile e-commerce applications. In this paper, a novel mobile e-commerce scheme is developed to address the fundamental requirements. We first propose an identity-based plaintext-checkable encryption (IBPCE) scheme where anyone can check whether a ciphertext is the encryption of a plaintext under a specific identity without knowing the secret key. Furthermore, the proposed IBPCE scheme is incorporated into the mobile e-commerce scenario, which results in an accountable mobile e-commerce (AMEC) scheme. Our proposed AMEC scheme has several superior features: (1) Users can register to the e-commerce system by using their mobile identities, such as mobile phone numbers; (2) The transactions between a buyer and a vendor are encrypted; (3) If there is a dispute, an offline adjudicator can identify who is dishonest by checking the encrypted transactions. We evaluate the proposed scheme and confirm that the new scheme can effectively balance the need for privacy and accountability.

Original language	English
Pages (from-to)	143-155
Number of pages	13
Journal	Information Sciences
Volume	345
DOIs	https://doi.org/10.1016/j.ins.2016.01.045
Publication status	Published - 1 Jun 2016

Keywords

Accountability
Identity-based system
Mobile E-commerce
Plaintext-checkable encryption
Privacy

Access to Document

10.1016/j.ins.2016.01.045

Cite this

@article{ef095fc3fb5148ec863d98ac5f8621a6,

title = "Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption",

abstract = "In mobile e-commerce systems, users conduct transactions using wireless or Internet-based devices, such as mobile phones and tablets. It is different from traditional e-commerce systems relying on workstations or desktops, which is usually used in a fixed location. Recently, privacy and accountability have become users' primary concerns in mobile e-commerce applications. In this paper, a novel mobile e-commerce scheme is developed to address the fundamental requirements. We first propose an identity-based plaintext-checkable encryption (IBPCE) scheme where anyone can check whether a ciphertext is the encryption of a plaintext under a specific identity without knowing the secret key. Furthermore, the proposed IBPCE scheme is incorporated into the mobile e-commerce scenario, which results in an accountable mobile e-commerce (AMEC) scheme. Our proposed AMEC scheme has several superior features: (1) Users can register to the e-commerce system by using their mobile identities, such as mobile phone numbers; (2) The transactions between a buyer and a vendor are encrypted; (3) If there is a dispute, an offline adjudicator can identify who is dishonest by checking the encrypted transactions. We evaluate the proposed scheme and confirm that the new scheme can effectively balance the need for privacy and accountability.",

keywords = "Accountability, Identity-based system, Mobile E-commerce, Plaintext-checkable encryption, Privacy",

author = "Jinguang Han and Ye Yang and Xinyi Huang and Yuen, \{Tsz Hon\} and Jiguo Li and Jie Cao",

note = "Funding Information: The first author is partially supported by National Natural Science Foundation of China (Grant no. 61300213 ), Six Talent Peaks Project of Jiangsu Province (Grant no. 2015-DZXX-020) National Center for International Joint Research on E-Business Information Processing (Grant no. 2013B01035 ) and Jiangsu Provincial Key Laboratory of E-business, Nanjing University of Finance and Economics. The third author is partially supported by National Natural Science Foundation of China (Grant no. 61472083, U1405255 ) Fok Ying Tung Education Foundation (141065), Program for New Century Excellent Talents in Fujian University (JA14067), Distinguished Young Scholars Fund, Fujian Province, China, CICAEET fund and the PAPD fund. The fifth author is partially supported by National Natural Science Foundation of China (Grant No. 61272542 ) and the Fundamental Research Funds for the Central Universities (grant no. 2013B07014). The sixth author is partially supported by National Natural Science Foundation of China (Grant no. 71072172 ), National Key Technologies R \& D Program of China (Grant no. 2013BAH16F00), and Industry Projects in Jiangsu S \& T Pillar Program (Grant no. BE2012185). Publisher Copyright: {\textcopyright} 2016 Elsevier Inc. All rights reserved.",

year = "2016",

month = jun,

day = "1",

doi = "10.1016/j.ins.2016.01.045",

language = "English",

volume = "345",

pages = "143--155",

journal = "Information Sciences",

issn = "0020-0255",

publisher = "Elsevier",

}

TY - JOUR

T1 - Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption

AU - Han, Jinguang

AU - Yang, Ye

AU - Huang, Xinyi

AU - Yuen, Tsz Hon

AU - Li, Jiguo

AU - Cao, Jie

N1 - Funding Information: The first author is partially supported by National Natural Science Foundation of China (Grant no. 61300213 ), Six Talent Peaks Project of Jiangsu Province (Grant no. 2015-DZXX-020) National Center for International Joint Research on E-Business Information Processing (Grant no. 2013B01035 ) and Jiangsu Provincial Key Laboratory of E-business, Nanjing University of Finance and Economics. The third author is partially supported by National Natural Science Foundation of China (Grant no. 61472083, U1405255 ) Fok Ying Tung Education Foundation (141065), Program for New Century Excellent Talents in Fujian University (JA14067), Distinguished Young Scholars Fund, Fujian Province, China, CICAEET fund and the PAPD fund. The fifth author is partially supported by National Natural Science Foundation of China (Grant No. 61272542 ) and the Fundamental Research Funds for the Central Universities (grant no. 2013B07014). The sixth author is partially supported by National Natural Science Foundation of China (Grant no. 71072172 ), National Key Technologies R & D Program of China (Grant no. 2013BAH16F00), and Industry Projects in Jiangsu S & T Pillar Program (Grant no. BE2012185). Publisher Copyright: © 2016 Elsevier Inc. All rights reserved.

PY - 2016/6/1

Y1 - 2016/6/1

N2 - In mobile e-commerce systems, users conduct transactions using wireless or Internet-based devices, such as mobile phones and tablets. It is different from traditional e-commerce systems relying on workstations or desktops, which is usually used in a fixed location. Recently, privacy and accountability have become users' primary concerns in mobile e-commerce applications. In this paper, a novel mobile e-commerce scheme is developed to address the fundamental requirements. We first propose an identity-based plaintext-checkable encryption (IBPCE) scheme where anyone can check whether a ciphertext is the encryption of a plaintext under a specific identity without knowing the secret key. Furthermore, the proposed IBPCE scheme is incorporated into the mobile e-commerce scenario, which results in an accountable mobile e-commerce (AMEC) scheme. Our proposed AMEC scheme has several superior features: (1) Users can register to the e-commerce system by using their mobile identities, such as mobile phone numbers; (2) The transactions between a buyer and a vendor are encrypted; (3) If there is a dispute, an offline adjudicator can identify who is dishonest by checking the encrypted transactions. We evaluate the proposed scheme and confirm that the new scheme can effectively balance the need for privacy and accountability.

AB - In mobile e-commerce systems, users conduct transactions using wireless or Internet-based devices, such as mobile phones and tablets. It is different from traditional e-commerce systems relying on workstations or desktops, which is usually used in a fixed location. Recently, privacy and accountability have become users' primary concerns in mobile e-commerce applications. In this paper, a novel mobile e-commerce scheme is developed to address the fundamental requirements. We first propose an identity-based plaintext-checkable encryption (IBPCE) scheme where anyone can check whether a ciphertext is the encryption of a plaintext under a specific identity without knowing the secret key. Furthermore, the proposed IBPCE scheme is incorporated into the mobile e-commerce scenario, which results in an accountable mobile e-commerce (AMEC) scheme. Our proposed AMEC scheme has several superior features: (1) Users can register to the e-commerce system by using their mobile identities, such as mobile phone numbers; (2) The transactions between a buyer and a vendor are encrypted; (3) If there is a dispute, an offline adjudicator can identify who is dishonest by checking the encrypted transactions. We evaluate the proposed scheme and confirm that the new scheme can effectively balance the need for privacy and accountability.

KW - Accountability

KW - Identity-based system

KW - Mobile E-commerce

KW - Plaintext-checkable encryption

KW - Privacy

UR - https://www.scopus.com/pages/publications/84960128470

U2 - 10.1016/j.ins.2016.01.045

DO - 10.1016/j.ins.2016.01.045

M3 - Article

AN - SCOPUS:84960128470

SN - 0020-0255

VL - 345

SP - 143

EP - 155

JO - Information Sciences

JF - Information Sciences

ER -

Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption

Abstract

Keywords

Access to Document

Other files and links

Cite this